Best Practices

Administrators - Protect Your Company

Implement IP Restrictions in Xactly Incent

A great tool for protecting your applications is restricting login to the IP addresses that you specifically approve. To restrict IP addresses, click Setup > Users > User Information, and enter the appropriate address in the IP address field. When enabled, the specified user can log in to the Xactly Incent application only from the specified IP address.

Secure Employee Systems

One of your goals should be to keep email fraud, malware, and phishing attempts from reaching your users. To help do this, secure all computers used by your employees by doing the following:

  • Update all users to the latest supported browser version.
  • Deploy email filtering technology. Make sure you whitelist Xactly Incent IP addresses.
  • Install and maintain virus and malware protection software on all user machines, and keep all applications and definitions up to date.

Strengthen Password Policies

You can make passwords more secure and harder to break by requiring users to use complex passwords, enforcing password expiration on a regular basis, and implementing lockouts based on unsuccessful login attempts. To set password policies, click Preferences > Password Policies, and specify the following values:

  • Password Expiration

    Controls the frequency by which passwords expire for the Xactly Incent suite

  • Minimum Length

    Specifies the minimum required password length to access the Xactly Incent suite

  • Password Complexity

    Establishes the degree of complexity required for a password

  • Login Attempt Account Lockout Threshold

    Locks out a user after the specified number of consecutive unsuccessful login attempts

  • New Password After Lockout Requirement

    Controls whether a user must create a new password after being locked out of the application

  • Challenge Question Requirement

    Requires a challenge question and answer when the user is resetting their password (to better ensure the identity of the user)

Require Secure Sessions

By default, Xactly mandates that all Xactly Incent suite sessions are encrypted and secure to protect information in transit.

Decrease Session Timeout Thresholds

Users sometimes leave their computers unattended, or they fail to log off. You can protect your applications against unauthorized access by automatically closing sessions when there is no session activity for a period of time. The default timeout is 2 hours; you can set this value from 30 minutes to 2 hours.

To change the session timeout, click Setup > Preferences > SESSION_TIMEOUT, and enter the appropriate value. In addition, you can configure a session timeout warning that is issued to users 10 minutes prior to their session automatically timing out.

To change the session timeout warning, click Setup > Preferences > SESSION_TIMEOUT_WARNING, and specify the appropriate warning.

Identify the Primary Business Administrator

Xactly recommends that you identify a person in your company who is to serve as the primary person responsible for application administration and security. This person should have a thorough understanding of your application and security policies. Be sure to make this person your single point of contact for Xactly Incent.

To notify Xactly about your primary administrative/security contact, contact Xactly Support.
